REMARKS 

The Office Action dated December 27, 2007, has been received and carefully 
noted. The above amendments to the claims, and the following remarks, are submitted as 
a full and complete response thereto. 

Claims 1-78 are currently pending in the application, of which claims 1, 24, 47, 
61, and 75-78 are independent claims. Claims 47, 52, 54, and 78 have been amended to 
more particularly point out and distinctly claim the invention. No new matter has been 
added, and no new issues have been raised that would require further consideration 
and/or search. Entry of the amendments is respectfully requested on the basis that it 
places the application in condition for allowance, or would materially simplify the issues 
for appeal. Claims 1-78 are respectfully submitted for consideration. 

Claims 6-18, 29-41, 48-60, 62-74 were indicated as containing allowable subject 
matter but were objected to as being dependent from rejected base claims. Applicants 
thank the Examiner for this indication of allowable subject matter. The base claims from 
which claims 6-18, 29-41, 48-60, 62-74 depend should also be allowed, as discussed 
below, and consequently it is respectfully requested that the objection to claims 6-18, 29- 
41, 48-60, 62-74 be withdrawn. 

Claims 61-74 and 76-77 were objected to on the grounds that they "merely recite a 
number of structures capable of performing a respective function" without reciting the 
execution of such a function. However, it is to be noted that in the apparatus claims such 
as those identified, it would not seem to be appropriate to discuss performing the 
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functions, since that would seem to convert the apparatus claim into a method claim, or 
potentially confuse the reader regarding whether an apparatus (defined by structures 
capable of performing various functions) or a method (defined by functions being 
performed) is being claimed. As the claims stand, the claims are definite and avoid that 
potential ambiguity. Accordingly, Applicants respectfully request that the objection to 
claims 61-74 and 76-77 be withdrawn. 

Claims 47-60 and 78 were rejected under 35 U.S.C. 101, as being directed to non- 
statutory subject matter, but it was indicated that the claims could be amended to 
overcome the rejection. Without prejudice or disclaimer, the claims have been amended, 
and it is respectfully submitted that claims as amended are directed to proper statutory 
subject matter. 

Claims 1-5, 19-28, 42-47, 61, and 75-78 were rejected under 35 U.S.C. 102(b) as 
being anticipated by U.S. Patent No. 6,154,775 of Coss et al. ("Coss"). Applicants 
respectfully traverse this rejection. 

Claim 1, upon which claims 2-23 depend, is directed to a method of handling data 
packets in a network device. The method includes receiving an incoming data packet. 
The method also includes parsing the incoming data packet to obtain a portion of the 
incoming data packet. The method further includes comparing said portion with rules 
stored in a rule table, where each rule of said rules specifies a set of actions. The method 
additionally includes selecting a match between said portion and a particular rule of said 
rules. The method also includes executing a particular set of actions specified by said 
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particular rule. Each rule field of said rules includes a mask and a selection flag used in 
the comparing said portion with each rule. 

Claim 24, upon which claims 25-46 depend, is directed to a network device for 
handling data packets. The device includes a rules table. The device also includes means 
for receiving an incoming data packet. The device further includes means for parsing the 
incoming data packet to obtain a portion of the incoming data packet. The additionally 
includes means for comparing said portion with rules stored in said rule table, where each 
rule of said rules specifies a set of actions. The device also includes means for selecting a 
match between said portion and a particular rule of said rules. The device further 
includes means for executing a particular set of actions specified by said particular rule. 
Each rule field of said rules includes a mask and a selection flag used by the means for 
comparing said portion with each rule. 

Applicants respectfully submit that Coss fails to disclose or suggest all of the 
elements of any of the presently pending claims. 

Coss generally relates to methods and an apparatus for a computer network 
firewall with dynamic rule processing with the ability to dynamically alter the operations 
of rules. Coss provides, as illustrated at Figure 8 thereof, a rules table that includes a list 
of rules, each of which has a corresponding action associated therewith. In addition, each 
rule can have a "hit count" associated with rule. 

Claims 1 and 24 each recite, in part, "each rule of said rules specifies a set of 
actions." Coss fails to disclose or suggest at least this feature of claims 1 and 24. As can 
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be seen clearly from Figures 3 and 8 of Coss, each of the rules is associated with a single 
action, not a set of actions. Figure 3 and column 4, lines 31-34 were cited by the Office 
Action with respect to this feature, but neither portion of Coss discloses more than a 
single action per rule. Thus, Coss fails to anticipate claims 1 and 24, because Coss fails 
to disclose or suggest all of the features of claims 1 and 24. 

Furthermore, it would not have been obvious to modify Coss such that its rules 
specify a set of actions. Coss is directed to a firewall that either drops or passes packets. 
It would not make sense for Coss to have a rule that specifies more than one of those two 
actions, because those two actions are mutually exclusive. Thus, one of ordinary skill in 
the art would not have found motivation or suggestion to modify Coss, even if it could be 
shown that other rules lists existed in which a set of actions were provided corresponding 
to each rule (not demonstrated in the Office Action, and not admitted). Accordingly, 
Coss also cannot possibly render the subject matter of claims 1 and 24 obvious. Thus, it 
is respectfully requested that the rejection of claims 1 and 24 be withdrawn. 

In the "Response to Arguments" section, the Office Action asserted, as best 
understood, that "pass," "drop," or "proxy," is the set of actions that corresponds to the 
claimed set of actions. Applicants respectfully submit that the alleged correspondence 
creates a fundamental inconsistency in the rejection. 

Coss clearly indicates that any given rule is only associated with one of the actions 
from the set identified by the Office Action. Thus, although Coss may disclose the 
concept of a "set of actions" (not admitted), Coss does not disclose that "each rule of 
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said rules specifies a set of actions," as recited in claims 1 and 24 (emphasis added). 
Instead, in Coss, each rule would specify only a single action from the set of actions 
identified by the Office Action. A single action is not a set of actions. Therefore, Coss' 
disclosure cannot correspond to what is recited in the claims. Accordingly, it is 
respectfully requested that the rejection of claims 1 and 24 be withdrawn. 

Additionally, claims 1 and 24 each recite, in part, "wherein each rule field of said 
rules includes a mask and a selection flag used [for] comparing said portion with each 
rule." Coss also fails to disclose or suggest at least this feature of claims 1 and 24. 

The Office Action cited column 7, lines 29-61, as allegedly corresponding to this 
feature. The cited passage of Coss discusses a "dependency mask" with reference to 
Figures 7 and 8 of Coss. The cited passage also mentions that a "hit count" field is used. 
As explained in Coss, " 'Hit count' indicates the number of matches which must be found 
in the cache for the specified action to be taken." These teachings do not correspond to 
what is claimed. 

As noted above, the claimed "selection flag" is "used [for] comparing said portion 
with each rule," as recited in claims 1 and 24. The "hit count" of Coss is not used for 
comparing a portion of a packet with a rule. Instead, "hit count" in Coss is used to 
compare the rule to the contents of the cache. Thus, for example, as Coss indicates: "in 
the dependency mask named "realaudio," a count of 1 is used for passing UDP packets 
provided one requisite TCP session is active [and in] the dependency mask "telnet," a 
count of 10 is used to drop packets to prevent overloading resources." Accordingly, "hit 
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count" of Coss cannot correspond to the claimed "selection flag" because the "hit count" 
of Coss is used in comparing a rule to a cache, not in comparing a portion of a packet to a 
rule. Thus, for this additional reason, Coss fails to anticipate claims 1 and 24. 

Furthermore it would not have been obvious to modify "hit count" of Coss to be 
used in comparing the rule to the portion of the packet. The very concept of "hit count" 
requires reference to historical data (to the extent any comparison is to be made). Thus, a 
"hit count" of one requires no comparison at all, but a "hit count" of ten absolutely 
requires comparison to historical data, which will be data outside the portion of the 
packet. One of ordinary skill in the art consequently would not have been motivated to 
modify Coss' "hit count" to be "used [for] comparing said portion with each rule," as 
recited in claims 1 and 24. Accordingly, Coss also cannot possibly render the subject 
matter of claims 1 and 24 obvious. Thus, it is respectfully requested that the rejection of 
claims 1 and 24 be withdrawn. 

In the response to arguments section, the Office Action presented some statements 
that indicated disagreement with the distinction noted above. The Office Action, 
however, fails to raise any plausible interpretation in which the "hit count" of Coss would 
be used in comparing the rule to the portion of the packet. Instead, the Office Action 
made comments about general principles of interpretation and stated that the "hit count" 
is used "to indicate the number of matches which must be found in the cache for the 
specified action to be taken," and then placed the claim limitation in parenthesis 
following this description. Applicants respectfully submit that the Office Action's own 
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characterization of the utilization of the "hit count" demonstrates that the "hit count" is 
not "used [for] comparing said portion with each rule," as recited in claims 1 and 24, and 
consequently does not correspond to what is recited in the claims. 

Applicants recognize that the claims must be interpreted as broadly as reasonably 
possible, but Applicants respectfully submit that nevertheless every recitation of the 
claim must be considered in light of the understanding of one of ordinary skill in the art, 
reading the claim in light of the specification (including the context of the claim itself). 
Thus, Applicants respectfully submit that because "to indicate the number of matches 
which must be found in the cache for the specified action to be taken" (Office Action's 
description of the function of "hit count") is not equivalent to "used [for] comparing said 
portion with each rule" (as recited in claims 1 and 24) as that phrase would be understood 
by one of ordinary skill in the art, reading the claim in light of the specification, even 
under the broadest reasonable interpretation, therefore, it is respectfully requested that the 
rejection of claims 1 and 24 be withdrawn. 

Claims 2-5, 19-23, 25-28, and 42-46 depend respectively from, and further limit, 
claims 1 and 24. Thus, it is respectfully requested that the rejection of claims 2-5, 19-23, 
25-28, and 42-46 be withdrawn at least for the reasons discussed above. 

Although the rejection has been discussed in view of claims 1 and 24, independent 
claims 47, 61, and 75-78 (which each have their own respective scope) recite similar 
limitations and were not separately rejected. Thus, for the same or similar reasons, it is 
respectfully requested that the rejection of 47, 61, and 75-78 be withdrawn. 
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For the reasons set forth above, it is respectfully submitted that each of claims 1- 
78 recites subject matter that is neither disclosed nor suggested in the cited art. It is, 
therefore, respectfully requested that all of claims 1-78 be allowed, and that this 
application be passed to issuance. 

If, for any reason, the Examiner determines that the application is not now in 
condition for allowance, it is respectfully requested that the Examiner contact, by 
telephone, Applicants' undersigned attorney at the indicated telephone number to arrange 
for an interview to expedite the disposition of this application. 

In the event this paper is not being timely filed, Applicants respectfully petition for 
an appropriate extension of time. Any fees for such an extension together with any 
additional fees may be charged to Counsel's Deposit Account 50-2222. 
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